Enabling Secure and Efficient Video Delivery Through Encrypted In-Network Caching

In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the potentially wide attacking surfaces, caching video content in the increasingly untrusted networked environment inevitably raises new concerns o...

Full description

Saved in:

Bibliographic Details
Published in	IEEE journal on selected areas in communications Vol. 34; no. 8; pp. 2077 - 2090
Main Authors	Xingliang Yuan, Xinyu Wang, Jinfan Wang, Yilei Chu, Cong Wang, Jianping Wang, Montpetit, Marie-Jose, Shucheng Liu
Format	Journal Article
Language	English
Published	New York IEEE 01.08.2016 The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects	Caching Cryptography Design analysis Design engineering encrypted in-network caching Indexes Networks Protocol (computers) Protocols secure redundancy elimination Secure video delivery Security Servers Streaming media Traffic engineering Traffic flow
Online Access	Get full text

Cover

Loading…

Abstract	In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the potentially wide attacking surfaces, caching video content in the increasingly untrusted networked environment inevitably raises new concerns on user privacy exposure and unauthorized video access. Existing encrypted protocols like HTTPs either fall short of fully leveraging in-network caching or require decrypting the traffic in the middle without guaranteeing the end-to-end security. In this paper, we present a new networked system for efficient encrypted video delivery while preserving the benefits of in-network caching. As video chunks are encrypted before distribution, we first design a compact, efficient, yet encrypted video fingerprint index to empower the network with a fully controlled capability of locating the cached encrypted chunks for given encrypted requests. We then explain how to deploy the encrypted design in our proposed architecture and present a secure redundancy elimination protocol to enable fast video delivery via leveraging cached encrypted chunks. We further discuss the full support of cache management, adaptive video delivery, and video access control. Rigorous analysis and prototype evaluations demonstrate the security, efficiency, and effectiveness of the design.
AbstractList	In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the potentially wide attacking surfaces, caching video content in the increasingly untrusted networked environment inevitably raises new concerns on user privacy exposure and unauthorized video access. Existing encrypted protocols like HTTPs either fall short of fully leveraging in-network caching or require decrypting the traffic in the middle without guaranteeing the end-to-end security. In this paper, we present a new networked system for efficient encrypted video delivery while preserving the benefits of in-network caching. As video chunks are encrypted before distribution, we first design a compact, efficient, yet encrypted video fingerprint index to empower the network with a fully controlled capability of locating the cached encrypted chunks for given encrypted requests. We then explain how to deploy the encrypted design in our proposed architecture and present a secure redundancy elimination protocol to enable fast video delivery via leveraging cached encrypted chunks. We further discuss the full support of cache management, adaptive video delivery, and video access control. Rigorous analysis and prototype evaluations demonstrate the security, efficiency, and effectiveness of the design.
Author	Xingliang Yuan Cong Wang Jinfan Wang Yilei Chu Shucheng Liu Xinyu Wang Montpetit, Marie-Jose Jianping Wang
Author_xml	– sequence: 1 surname: Xingliang Yuan fullname: Xingliang Yuan email: xl.y@my.cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 2 surname: Xinyu Wang fullname: Xinyu Wang email: xy.w@my.cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 3 surname: Jinfan Wang fullname: Jinfan Wang email: jfwang4@cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 4 surname: Yilei Chu fullname: Yilei Chu email: ychu1@andrew.cmu.edu organization: Inf. Networking Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA – sequence: 5 surname: Cong Wang fullname: Cong Wang email: congwang@cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 6 surname: Jianping Wang fullname: Jianping Wang email: jianwang@cityu.edu.hk organization: Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong, China – sequence: 7 givenname: Marie-Jose surname: Montpetit fullname: Montpetit, Marie-Jose email: marie@mjmontpetit.com organization: Res. Lab. of Electron., Massachusetts Inst. of Technol., Cambridge, MA, USA – sequence: 8 surname: Shucheng Liu fullname: Shucheng Liu email: liushucheng@huawei.com organization: Huawei Technol. Co., Ltd., Shenzhen, China
BookMark	eNpdkE1P20AQhleISg2UH1BxWakXLk5ndvbLRxQCpUJUCNqr5azHxNSsw9qmyr_HURCHnubyvK_eeY7EYewiC_EVYY4I-fef9-eLuQK0c2WcI8ADMUNjfAYA_lDMwBFl3qH9LI76_gkAtfZqJu6WsVy1TXyU9xzGxLKMlVzWdRMajoP801TcyQtum1dOW_mwTt34uJbLGNJ2M3Alr2N2y8O_Lv2VizKsp6Iv4lNdtj2fvN9j8fty-bD4kd38urpenN9kgZQdslwDgfclWavqmr3WBqvcWKfB2xUFApfbijVWRKr0rFbBaE9WKfTeMNCxONv3blL3MnI_FM9NH7hty8jd2BfoafrfAdkJ_fYf-tSNKU7rJgqRlPOEE4V7KqSu7xPXxSY1z2XaFgjFTnKxk1zsJBfvkqfM6T7TMPMH77Q3Pjf0Bsh9dvQ
CODEN	ISACEM
CitedBy_id	crossref_primary_10_1109_TMM_2017_2733338 crossref_primary_10_1109_JSAC_2020_2971806 crossref_primary_10_1109_TSC_2018_2850333 crossref_primary_10_1109_COMST_2017_2758763 crossref_primary_10_1109_JPROC_2021_3127277 crossref_primary_10_1109_JIOT_2020_3048842 crossref_primary_10_1109_COMST_2023_3265984 crossref_primary_10_1109_MIC_2018_2877809 crossref_primary_10_1109_ACCESS_2019_2950593 crossref_primary_10_1109_TCOMM_2019_2935047 crossref_primary_10_1109_JIOT_2017_2764418
Cites_doi	10.1145/2674005.2675003 10.1109/GLOCOM.2013.6831390 10.1145/2382196.2382298 10.1109/TMM.2013.2238910 10.1109/INFCOM.2012.6195531 10.1145/1594977.1592580 10.1145/2714576.2714628 10.1145/2342488.2342508 10.1109/TNET.2012.2190297 10.1145/2070562.2070563 10.1145/347057.347408 10.3233/JCS-2011-0426 10.1145/2155555.2155570 10.1145/2620728.2620768 10.1016/j.jalgor.2003.12.002 10.1109/MCOM.2012.6231276 10.1145/2342488.2342501 10.1109/ANCS.2013.6665203 10.1145/2674005.2674994 10.1145/2377677.2377680 10.1145/1921233.1921240 10.1145/2656877.2656887 10.1109/SP.2014.12 10.14722/ndss.2014.23264 10.1145/2785956.2787502 10.1145/2491224.2491228 10.1145/1180405.1180418 10.1145/1127345.1127346
ContentType	Journal Article
Copyright	Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2016
Copyright_xml	– notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2016
DBID	97E RIA RIE AAYXX CITATION 7SP 8FD L7M F28 FR3
DOI	10.1109/JSAC.2016.2577301
DatabaseName	IEEE All-Society Periodicals Package (ASPP) 2005-present IEEE All-Society Periodicals Package (ASPP) 1998-Present IEEE Electronic Library (IEL) CrossRef Electronics & Communications Abstracts Technology Research Database Advanced Technologies Database with Aerospace ANTE: Abstracts in New Technology & Engineering Engineering Research Database
DatabaseTitle	CrossRef Technology Research Database Advanced Technologies Database with Aerospace Electronics & Communications Abstracts Engineering Research Database ANTE: Abstracts in New Technology & Engineering
DatabaseTitleList	Technology Research Database Engineering Research Database
Database_xml	– sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
Discipline	Engineering
EISSN	1558-0008
EndPage	2090
ExternalDocumentID	4147270381 10_1109_JSAC_2016_2577301 7485895
Genre	orig-research
GrantInformation_xml	– fundername: National Natural Science Foundation of China–Guangdong Joint Fund grantid: U1501254 funderid: 10.13039/501100001809 – fundername: Microsoft Azure Grant for Research funderid: 10.13039/100004318 – fundername: Research Grants Council of Hong Kong grantid: CityU 138513; 122913 – fundername: Natural Science Foundation of China grantid: 61572412 funderid: 10.13039/501100001809
GroupedDBID	-~X .DC 0R~ 29I 3EH 4.4 41~ 5GY 5VS 6IK 97E AAJGR AASAJ AAYOK ABQJQ ABVLG ACGFO ACGFS ACIWK ACNCT ADRHT AENEX AETIX AI. AIBXA AKJIK ALLEH ALMA_UNASSIGNED_HOLDINGS ATWAV BEFXN BFFAM BGNUA BKEBE BPEOZ CS3 DU5 EBS EJD HZ~ H~9 IBMZZ ICLAB IES IFIPE IFJZH IPLJI JAVBF LAI M43 O9- OCL P2P RIA RIE RIG RNS TN5 VH1 XFK AAYXX CITATION 7SP 8FD L7M F28 FR3
ID	FETCH-LOGICAL-c326t-9403088a3662ffe84451d95674086b3c30796de41d332a8e2bc54836221885e03
IEDL.DBID	RIE
ISSN	0733-8716
IngestDate	Fri Aug 16 23:26:14 EDT 2024 Thu Oct 10 17:57:37 EDT 2024 Fri Aug 23 02:18:41 EDT 2024 Wed Jun 26 19:28:33 EDT 2024
IsPeerReviewed	true
IsScholarly	true
Issue	8
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-c326t-9403088a3662ffe84451d95674086b3c30796de41d332a8e2bc54836221885e03
Notes	ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 23
PQID	1811327831
PQPubID	85481
PageCount	14
ParticipantIDs	proquest_miscellaneous_1835587036 proquest_journals_1811327831 crossref_primary_10_1109_JSAC_2016_2577301 ieee_primary_7485895
PublicationCentury	2000
PublicationDate	2016-08-01
PublicationDateYYYYMMDD	2016-08-01
PublicationDate_xml	– month: 08 year: 2016 text: 2016-08-01 day: 01
PublicationDecade	2010
PublicationPlace	New York
PublicationPlace_xml	– name: New York
PublicationTitle	IEEE journal on selected areas in communications
PublicationTitleAbbrev	J-SAC
PublicationYear	2016
Publisher	IEEE The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher_xml	– name: IEEE – name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
References	ref13 ref12 ref37 ref36 (ref5) 2012 ref31 ref30 ref33 ref32 ref10 dorwin (ref15) 2015 ref2 wang (ref11) 2013 ref16 ref19 ref18 hughes (ref34) 2014 (ref1) 2015 (ref21) 2014 angius (ref14) 2015 ref24 ref23 ref26 ref25 ref20 ref22 ref28 ref27 ref29 ref8 (ref17) 2014 ref7 ref9 ref4 ref3 burns (ref35) 2011 ref6
References_xml	– ident: ref9 doi: 10.1145/2674005.2675003 – ident: ref8 doi: 10.1109/GLOCOM.2013.6831390 – ident: ref19 doi: 10.1145/2382196.2382298 – ident: ref25 doi: 10.1109/TMM.2013.2238910 – ident: ref31 doi: 10.1109/INFCOM.2012.6195531 – ident: ref37 doi: 10.1145/1594977.1592580 – ident: ref26 doi: 10.1145/2714576.2714628 – ident: ref7 doi: 10.1145/2342488.2342508 – year: 2014 ident: ref34 publication-title: ISO/IEC 23001-7 3rd Edition-Common Encryption in ISO Base Media File Format Files contributor: fullname: hughes – ident: ref24 doi: 10.1109/TNET.2012.2190297 – ident: ref30 doi: 10.1145/2070562.2070563 – ident: ref36 doi: 10.1145/347057.347408 – year: 2015 ident: ref1 publication-title: Virtual Networking Index (VNI) – year: 2011 ident: ref35 publication-title: Watch Out Netflix Amazon Instant Video Reaches 100 000 On-Demand Titles contributor: fullname: burns – ident: ref18 doi: 10.3233/JCS-2011-0426 – ident: ref27 doi: 10.1145/2155555.2155570 – ident: ref10 doi: 10.1145/2620728.2620768 – ident: ref28 doi: 10.1016/j.jalgor.2003.12.002 – ident: ref2 doi: 10.1109/MCOM.2012.6231276 – start-page: 687 year: 2013 ident: ref11 article-title: Steal this movie-Automatically bypassing DRM protection in streaming media services publication-title: Proc Usenix Security contributor: fullname: wang – ident: ref6 doi: 10.1145/2342488.2342501 – year: 2012 ident: ref5 publication-title: Cisco ASR 9000 Series Integrated Service Module – ident: ref4 doi: 10.1109/ANCS.2013.6665203 – ident: ref20 doi: 10.1145/2674005.2674994 – ident: ref23 doi: 10.1145/2377677.2377680 – start-page: 267 year: 2015 ident: ref14 article-title: Drop dead data-What to expect securing data instead of channels publication-title: Proc IEEE CCNC contributor: fullname: angius – year: 2015 ident: ref15 publication-title: W3C Editor's Draft-Encrypted Media Extensions contributor: fullname: dorwin – ident: ref3 doi: 10.1145/1921233.1921240 – ident: ref29 doi: 10.1145/2656877.2656887 – ident: ref13 doi: 10.1109/SP.2014.12 – ident: ref32 doi: 10.14722/ndss.2014.23264 – ident: ref16 doi: 10.1145/2785956.2787502 – ident: ref12 doi: 10.1145/2491224.2491228 – ident: ref33 doi: 10.1145/1180405.1180418 – year: 2014 ident: ref17 publication-title: Information Technology-Dynamic Adaptive Streaming Over HTTP (DASH)-Part 1 Media Presentation Description and Segment Formats – year: 2014 ident: ref21 publication-title: Information Technology-High Efficiency Coding and Media Delivery in Heterogeneous Environments-Part 1 MPEG Media Transport (MMT) – ident: ref22 doi: 10.1145/1127345.1127346
SSID	ssj0014482
Score	2.3491173
Snippet	In-network content caching has been a natural trend in emerging network architectures to handle the exponential growth of video traffic. However, due to the...
SourceID	proquest crossref ieee
SourceType	Aggregation Database Publisher
StartPage	2077
SubjectTerms	Caching Cryptography Design analysis Design engineering encrypted in-network caching Indexes Networks Protocol (computers) Protocols secure redundancy elimination Secure video delivery Security Servers Streaming media Traffic engineering Traffic flow
Title	Enabling Secure and Efficient Video Delivery Through Encrypted In-Network Caching
URI	https://ieeexplore.ieee.org/document/7485895 https://www.proquest.com/docview/1811327831 https://search.proquest.com/docview/1835587036
Volume	34
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LS8QwEB7Ukx58i-uLCJ7ErmnTNulR1hUVFMQH3kqTTkGU7qK7B_31zqTdxdfBW6BJGjKTzHyZyReAA20lahfpIKkKGZBSYGCrjFCKxSJ1VSjRA8Wr6_T8Pr58TB5n4Gh6FwYRffIZdrnoY_nlwI35qOxYxyYxWTILs0ZGzV2tacSAYIaPGGilAgYBbQQzlNnx5e1Jj5O40i7pJ2v0NxvkH1X5tRN783K2BFeTgTVZJc_d8ch23ccPzsb_jnwZFls_U5w0irECM1ivwsIX9sE1uOnzvSkqCn_ojqKoS9H3lBLUmXh4KnEgTvGFMzfexV3zoI_o1-71fUh-qriog-smiVz0mpTMdbg_69_1zoP2hYXAkds2CrKY6WpModI0qio0zFZWEmLSMSEdqxxtAFlaYhyWSkWFwcg6Qjhk88gxMAlKtQFz9aDGTRAhNZcapVOo4swqo8nq2SoKy0oWrkw7cDiZ83zYEGnkHoDILGcB5SygvBVQB9Z4DqcV2-nrwM5ESnm71N5yclEIUWujqNX-9DMtEo58FDUOxlyHWeSZa2zr7563YZ7_32T27cDc6HWMu-RtjOyeV7NPBAzPbg
link.rule.ids	315,786,790,802,27955,27956,55107
linkProvider	IEEE
linkToHtml	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3fT9swED517GHjATYKosDAk_aESHHiJE4eUVdUoK00rUW8RbFzkaahFEH7AH89d05aMdgDb5b8Q5bv7LvPd_4M8EMbidoG2ovKXHqkFOiZMiWUYjCPbelLdEBxNI4H0_DyJrppwcnqLQwiuuQz7HLRxfKLmV3wVdmpDpMoSaMP8JHsvNT1a61VzICAhosZaKU8hgFNDNOX6enl77Mep3HFXdJQ1ul_rJD7VuXNWewMzPkmjJZTq_NK_nYXc9O1T69YG9879y-w0Xia4qxWja_QwmoL1l_wD7bhV59fTlFRuGt3FHlViL4jlaDBxPWfAmfiJ95y7sajmNRf-oh-Ze8f78hTFReVN67TyEWvTsrchul5f9IbeM0fC54lx23upSET1iS5iuOgLDFhvrKCMJMOCesYZekISOMCQ79QKsgTDIwljENWj1yDJEKpdmCtmlW4C8Kn7lKjtApVmBqVaLJ7pgz8opS5LeIOHC_XPLurqTQyB0FkmrGAMhZQ1gioA21ew1XDZvk6cLCUUtZstoeMnBTC1DpR1Ov7qpq2Ccc-8gpnC27DPPLMNrb3_5GP4NNgMhpmw4vx1T585rnUeX4HsDa_X-A38j3m5tCp3DMfOtLC
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Enabling+Secure+and+Efficient+Video+Delivery+Through+Encrypted+In-Network+Caching&rft.jtitle=IEEE+journal+on+selected+areas+in+communications&rft.au=Yuan%2C+Xingliang&rft.au=Wang%2C+Xinyu&rft.au=Wang%2C+Jinfan&rft.au=Chu%2C+Yilei&rft.date=2016-08-01&rft.issn=0733-8716&rft.volume=34&rft.issue=8&rft.spage=2077&rft.epage=2090&rft_id=info:doi/10.1109%2FJSAC.2016.2577301&rft.externalDBID=NO_FULL_TEXT
thumbnail_l	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0733-8716&client=summon
thumbnail_m	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0733-8716&client=summon
thumbnail_s	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0733-8716&client=summon